// Service

Oracle Health

Oracle Health (formerly Cerner) EHR and revenue-cycle suite for hospitals and clinics.

// Alerts

Recent threats

A critical vulnerability (CVE-2026-46817) in Oracle E-Business Suite is under active exploitation in the wild. Approximately 900–950 internet-facing EBS instances have been identified globally, with DefusedCyber observing real-world attack attempts. The flaw enables remote code execution and affects systems handling sensitive financial, HR, and operational data. Attackers appear to have reverse-engineered Oracle's patch before public disclosure.

Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62 contain a critical remote code execution vulnerability (CVE-2026-35273) in the Updates Environment Management component. The vulnerability allows unauthenticated remote attackers to execute arbitrary code via HTTP. Exploitation is actively occurring in the wild; immediate patching is required.

ShinyHunters claimed breach of Oracle PeopleSoft servers at over 100 organizations including universities, exfiltrating student records, financial aid data, and administrative information. The group exploited a vulnerability in PeopleSoft to achieve mass compromise; attackers obtained personal data including home addresses, phone numbers, emails, and dates of birth from educational institutions.

CVE-2026-46839, a critical vulnerability in Oracle REST Data Services (ORDS) Core component, allows low-privileged authenticated attackers to execute arbitrary code and gain full system control via path traversal. Affects versions 24.2.0–26.1.0 with CVSS 9.9. Oracle released a patch in May 2026; exploitation complexity is low and no public PoC exists as of early June 2026, but technical details suggest rapid weaponization is likely.

CISA added CVE-2024-21182, a critical Oracle WebLogic Server vulnerability, to its Known Exploited Vulnerabilities catalog on June 1, 2026, after confirming active exploitation in the wild. The flaw allows unauthenticated attackers to gain unauthorized access via T3 and IIOP protocols. CISA ordered federal agencies to patch by June 4, 2026, and strongly recommends organizations apply mitigations immediately to prevent compromise of WebLogic-dependent services including potential Oracle Health infrastructure.